dce/rpc
authorLuke Leighton <lkcl@samba.org>
Fri, 16 Oct 1998 23:40:59 +0000 (23:40 +0000)
committerLuke Leighton <lkcl@samba.org>
Fri, 16 Oct 1998 23:40:59 +0000 (23:40 +0000)
source/include/ntdomain.h
source/include/proto.h
source/include/smb.h
source/rpc_parse/parse_samr.c
source/rpc_server/srv_pipe_hnd.c
source/rpc_server/srv_samr.c
source/rpc_server/srv_util.c
source/rpcclient/cmd_samr.c

index 5fb40c5bcca97011337bd70a28757d73f3bf8807..07d32519bf68ab6119f5f5bd4120a9ceb3920565 100644 (file)
@@ -85,6 +85,7 @@ typedef struct pipes_struct
        RPC_AUTH_NTLMSSP_RESP ntlmssp_resp;
 
        BOOL ntlmssp_auth;
+       BOOL ntlmssp_validated;
        unsigned char ntlmssp_hash[258];
        fstring user_name;
        fstring domain;
index 63f4d624dc6b4a077aef4011b8d54856d8040843..a5d6d828f7f8347990b9d903fdab6741fa000985 100644 (file)
@@ -1750,6 +1750,7 @@ void make_samr_q_chgpasswd_user(SAMR_Q_CHGPASSWD_USER *q_u,
                                char nt_newpass[516], char nt_oldhash[16],
                                char lm_newpass[516], char lm_oldhash[16]);
 void samr_io_q_chgpasswd_user(char *desc, SAMR_Q_CHGPASSWD_USER *q_u, prs_struct *ps, int depth);
+void make_samr_r_chgpasswd_user(SAMR_R_CHGPASSWD_USER *r_u, uint32 status);
 void samr_io_r_chgpasswd_user(char *desc, SAMR_R_CHGPASSWD_USER *r_u, prs_struct *ps, int depth);
 
 /*The following definitions come from  rpc_parse/parse_srv.c  */
index 05ea1bf7c7981567c3c537a9fd154e709d1e8825..4cc5599f44a77a7c7d18b441a39e23d1d17df32c 100644 (file)
@@ -490,6 +490,7 @@ typedef struct connection_struct
        name_compare_entry *hide_list; /* Per-share list of files to return as hidden. */
        name_compare_entry *veto_list; /* Per-share list of files to veto (never show). */
        name_compare_entry *veto_oplock_list; /* Per-share list of files to refuse oplocks on. */       
+
 } connection_struct;
 
 struct current_user
@@ -497,7 +498,7 @@ struct current_user
        connection_struct *conn;
        uint16 vuid;
        uid_t uid;
-    gid_t gid;
+       gid_t gid;
        int ngroups;
        gid_t *groups;
 };
index eb882a75640b66ceddaad8ca3e5e65fdcc211b10..a443191a7a382d38fc7038afed3467218f2d05d4 100644 (file)
@@ -2357,6 +2357,7 @@ void make_samr_q_connect(SAMR_Q_CONNECT *q_u,
        DEBUG(5,("make_q_connect\n"));
 
        /* make PDC server name \\server */
+       q_u->ptr_srv_name = len_srv_name > 0 ? 1 : 0; 
        make_unistr2(&(q_u->uni_srv_name), srv_name, len_srv_name);  
 
        /* example values: 0x0000 0002 */
@@ -2750,6 +2751,18 @@ void samr_io_q_chgpasswd_user(char *desc, SAMR_Q_CHGPASSWD_USER *q_u, prs_struct
        samr_io_enc_hash  ("lm_oldhash", &(q_u->lm_oldhash), ps, depth); 
 }
 
+/*******************************************************************
+makes a SAMR_R_CHGPASSWD_USER structure.
+********************************************************************/
+void make_samr_r_chgpasswd_user(SAMR_R_CHGPASSWD_USER *r_u, uint32 status)
+{
+       if (r_u == NULL) return;
+
+       DEBUG(5,("make_r_chgpasswd_user\n"));
+
+       r_u->status = status;
+}
+
 /*******************************************************************
 reads or writes a structure.
 ********************************************************************/
index 27e156943cf68d93390913b2e2635e16881c6032..d5c99b89c415555598022e1d13bd681c8d4ddfee 100644 (file)
@@ -137,6 +137,9 @@ pipes_struct *open_rpc_pipe_p(char *pipe_name,
        p->frag_len_left   = 0;
        p->next_frag_start = 0;
        
+       p->ntlmssp_validated = False;
+       p->ntlmssp_auth      = False;
+       
        fstrcpy(p->name, pipe_name);
        
        DEBUG(4,("Opened pipe %s with handle %x (pipes_open=%d)\n",
index 11574be9b31ecd9e1f3fb2352e93be46bcb7f41b..a3d758489cd1faae2ff5b9d69e81c702507fbda6 100644 (file)
@@ -719,6 +719,80 @@ static void api_samr_lookup_names( uint16 vuid, prs_struct *data, prs_struct *rd
        samr_reply_lookup_names(&q_u, rdata);
 }
 
+/*******************************************************************
+ samr_reply_chgpasswd_user
+ ********************************************************************/
+static void samr_reply_chgpasswd_user(SAMR_Q_CHGPASSWD_USER *q_u,
+                               prs_struct *rdata)
+{
+       SAMR_R_CHGPASSWD_USER r_u;
+       uint32 status = 0x0;
+       fstring user_name;
+       fstring wks;
+
+       fstrcpy(user_name, unistrn2(q_u->uni_user_name.buffer, q_u->uni_user_name.uni_str_len));
+       fstrcpy(wks      , unistrn2(q_u->uni_dest_host.buffer, q_u->uni_dest_host.uni_str_len));
+
+       DEBUG(5,("samr_chgpasswd_user: user: %s wks: %s\n", user_name, wks));
+
+       /* oops! */
+       status = 0xC0000000 | NT_STATUS_NO_SUCH_USER;
+
+       make_samr_r_chgpasswd_user(&r_u, status);
+
+       /* store the response in the SMB stream */
+       samr_io_r_chgpasswd_user("", &r_u, rdata, 0);
+
+       DEBUG(5,("samr_chgpasswd_user: %d\n", __LINE__));
+}
+
+/*******************************************************************
+ api_samr_chgpasswd_user
+ ********************************************************************/
+static void api_samr_chgpasswd_user( uint16 vuid, prs_struct *data, prs_struct *rdata)
+{
+       SAMR_Q_CHGPASSWD_USER q_u;
+
+       /* unknown 38 command */
+       samr_io_q_chgpasswd_user("", &q_u, data, 0);
+
+       /* construct reply. */
+       samr_reply_chgpasswd_user(&q_u, rdata);
+}
+
+
+/*******************************************************************
+ samr_reply_unknown_38
+ ********************************************************************/
+static void samr_reply_unknown_38(SAMR_Q_UNKNOWN_38 *q_u,
+                               prs_struct *rdata)
+{
+       SAMR_R_UNKNOWN_38 r_u;
+
+       DEBUG(5,("samr_unknown_38: %d\n", __LINE__));
+
+       make_samr_r_unknown_38(&r_u);
+
+       /* store the response in the SMB stream */
+       samr_io_r_unknown_38("", &r_u, rdata, 0);
+
+       DEBUG(5,("samr_unknown_38: %d\n", __LINE__));
+}
+
+/*******************************************************************
+ api_samr_unknown_38
+ ********************************************************************/
+static void api_samr_unknown_38( uint16 vuid, prs_struct *data, prs_struct *rdata)
+{
+       SAMR_Q_UNKNOWN_38 q_u;
+
+       /* unknown 38 command */
+       samr_io_q_unknown_38("", &q_u, data, 0);
+
+       /* construct reply.  always indicate success */
+       samr_reply_unknown_38(&q_u, rdata);
+}
+
 
 /*******************************************************************
  samr_reply_unknown_12
@@ -1356,6 +1430,8 @@ static struct api_struct api_samr_cmds [] =
        { "SAMR_QUERY_ALIASINFO"  , SAMR_QUERY_ALIASINFO  , api_samr_query_aliasinfo  },
        { "SAMR_0x32"             , 0x32                  , api_samr_unknown_32       },
        { "SAMR_UNKNOWN_12"       , SAMR_UNKNOWN_12       , api_samr_unknown_12       },
+       { "SAMR_UNKNOWN_38"       , SAMR_UNKNOWN_38       , api_samr_unknown_38       },
+       { "SAMR_CHGPASSWD_USER"   , SAMR_CHGPASSWD_USER   , api_samr_chgpasswd_user   },
        { "SAMR_OPEN_ALIAS"       , SAMR_OPEN_ALIAS       , api_samr_open_alias       },
        { "SAMR_OPEN_DOMAIN"      , SAMR_OPEN_DOMAIN      , api_samr_open_domain      },
        { "SAMR_UNKNOWN_3"        , SAMR_UNKNOWN_3        , api_samr_unknown_3        },
index 76f113374d4eb0fa93952eff7af896277befd855..93640f3445aef9a61fe854d1be65305a7c0e10b4 100644 (file)
@@ -248,11 +248,12 @@ static BOOL api_pipe_ntlmssp_verify(pipes_struct *p)
        dump_data(100, lm_owf, sizeof(lm_owf));
        dump_data(100, nt_owf, sizeof(nt_owf));
 #endif
-       return True;
-#if 0
-       return pass_check_smb(p->user_name, p->domain,
-                             p->ntplssp_chal.challenge, lm_owf, nt_owf);
-#endif
+       become_root(True);
+       p->ntlmssp_validated = pass_check_smb(p->user_name, p->domain,
+                             p->ntlmssp_chal.challenge, lm_owf, nt_owf, NULL);
+       unbecome_root(True);
+
+       return p->ntlmssp_validated;
 }
 
 static BOOL api_pipe_ntlmssp(pipes_struct *p, prs_struct *pd)
@@ -486,10 +487,26 @@ static BOOL api_pipe_bind_req(pipes_struct *p, prs_struct *pd)
        return True;
 }
 
+
+static BOOL api_pipe_auth_process(pipes_struct *p, prs_struct *pd)
+{
+       return True;
+}
+
 static BOOL api_pipe_request(pipes_struct *p, prs_struct *pd)
 {
        int i = 0;
 
+       if (p->ntlmssp_auth && p->ntlmssp_validated)
+       {
+               if (!api_pipe_auth_process(p)) return False;
+
+               DEBUG(0,("api_pipe_request: **** MUST CALL become_user() HERE **** \n"));
+#if 0
+               become_user();
+#endif
+       }
+
        for (i = 0; api_fd_commands[i].pipe_clnt_name; i++)
        {
                if (strequal(api_fd_commands[i].pipe_clnt_name, p->name) &&
index 877abce66ee11b5df75c77da3c40414e0707e5c6..a3fd57909543f73c4c6ad30ebef4c6070af99ad6 100644 (file)
@@ -141,6 +141,17 @@ void cmd_sam_test(struct client_info *info)
 
        fprintf(out_hnd, "SAM Encryption Test\n");
 
+       cli_nt_set_ntlmssp_flgs(smb_cli,
+                                   NTLMSSP_NEGOTIATE_UNICODE |
+                                   NTLMSSP_NEGOTIATE_OEM |
+                                   NTLMSSP_NEGOTIATE_SIGN |
+                                   NTLMSSP_NEGOTIATE_SEAL |
+                                   NTLMSSP_NEGOTIATE_LM_KEY |
+                                   NTLMSSP_NEGOTIATE_NTLM |
+                                   NTLMSSP_NEGOTIATE_ALWAYS_SIGN |
+                                   NTLMSSP_NEGOTIATE_00001000 |
+                                   NTLMSSP_NEGOTIATE_00002000);
+
        /* open SAMR session.  */
        res = res ? cli_nt_session_open(smb_cli, PIPE_SAMR) : False;
 
@@ -527,9 +538,11 @@ void cmd_sam_enum_aliases(struct client_info *info)
        fstring alias_names [3];
        uint32  num_als_usrs[3];
 
-       fstrcpy(sid   , info->dom.level5_sid);
-       fstrcpy(domain, info->dom.level5_dom);
-
+       fstrcpy(sid   , info->dom.level3_sid);
+       fstrcpy(domain, info->dom.level3_dom);
+#if 0
+       fstrcpy(sid   , "S-1-5-20");
+#endif
        if (strlen(sid) == 0)
        {
                fprintf(out_hnd, "please use 'lsaquery' first, to ascertain the SID\n");